PassKeeper: Designing a secure online vault and browser extension

Abstract

The integration of various credentials of authentication in the era of digital platforms and applications has become a critical problem as security is increasingly becoming an issue in personal, employment and institutional integrity. The majority of users utilise the centralised password management systems, which can fall prey to data theft, unauthorised access and fall short at single points of failure. This research was aimed at designing and developing a new secure online password vault and browser extension called PassKeeper, which is decentralised, userfriendly, and secure, additionally being able to give the user full ownership of their credentials without storage on a central server. PassKeeper designed based on integration with AES-256 encryption, blockchain technology, smart contracts, and the Lit Protocol. There was identity authentication based on MetaMask, and credentials were stored by encrypting and distributed over the decentralised network. The findings indicated that the decentrated model vastly decreased the probability of a breach of the system plethora of data. The system was evaluated for reliability, security and usability. The findings reflected that the mean time of password recall was less than 15 seconds within a situation that was called normal or typical. User-friendly and intuitive rating was recorded by 87% of the participants in regards to interface. The module of facial recognition showed the result of a true positive match rate of 95.3% and a false rejection rate of 2.4% whereas unauthorised access attempts were effectively blocked. These results indicate that PassKeeper can be an effective choice, which is both decentralised and corrects all the shortcomings of conventional pass vaults, integrating sophisticated cryptography processes and biometric authentication to provide effective and safe digital credential management. The evaluation confirmed that the PassKeeper model, where users create a master password and verify their biometrics at first login and can later reset or change the master password through biometric reverification, directly addresses RQ2 by ensuring users retain complete ownership and control of their credentials. PassKeeper is also shown to be scalable under large user bases, and increases in the latency of PassKeeper show a low increase indeed, and mitigation insurance measures are provided in cementing load conditions. Grading the decentralised structure ensures that privacy is improved through the safe processing of the biometric data as well as the blockchain data, without involving centralised servers. All these qualities make PassKeeper a successful, user-focused and future-proof solution compared to traditional password vault systems. In this study, it has achieved that claim by showing that a combination of a blockchain, encryption technology, and a biometric verification system could create a robust and user-friendly substitute for conventional password vault storage.